The Suspicious Activity Reporting System (SARS), created by the five federal financial
supervisory agencies and the Financial Crimes Enforcement Network (FinCEN), is two years
old. SARS has processed approximately 150,000 reports of suspicious activity submitted by
depository institutions. Those reports are available electronically, in their entirety, to
the systems builders, to five federal law enforcement agencies (with two additional
agencies about to be added to the list), 52 state and territorial law enforcement
agencies, and 25 state bank regulators.

The development and operation of SARS is a special responsibility and a special
challenge. SARS was designed to be the centerpiece of a new approach to using the Bank
Secrecy Act (BSA) to fight financial crime, and involved an unparalleled attempt to build
an explicit and continuous data flow about potentially serious activity among:

depository institutions detecting that activity;

the five federal financial supervisory agencies (the Federal Reserve Board, Office of
the Comptroller of the Currency, Federal Deposit Insurance Corporation, Office of Thrift
Supervision, and National Credit Union Administration), and the Treasury Departments
FinCEN; and

law enforcement officials throughout the United States.

Under the system, FinCEN is designated as the single filing point for suspicious
activity reports and is responsible for distributing the information within the
government. FinCEN is also responsible for analyzing this information and providing the
resulting intelligence to investigators, regulators, and the banking industry.

None of these goals can be accomplished unless everyone involved understands how SARS
is organized, how it is working (or failing to work), and what steps can be taken to
expand its sophistication and effectiveness and correct its shortcomings. This "1st
Review of the Suspicious Activity Reporting System" covers each of these areas.

Therefore, this document is (as any first review must be) an "interim"
statement that focuses on the challenges ahead. I think that readers of this review will
gain a clear sense of what has been done; perhaps, and equally important, it is hoped that
readers will also gain an understanding as to what remains to be done to continue to move
SARS closer to its objectives, especially in the fight against money laundering.

Without the banking communitys efforts and continuing support, SARS would not be
a reality today. The first 18 months of data indicate that banks have adapted quickly and
effectively to the systems requirements; it is also clear that banks are working
diligently to improve the quality and effectiveness of suspicious activity reporting.

As part of our ongoing review, we hope that this document generates reactions from the
nations bankers that will improve SARS. We encourage readers to forward their
comments to FinCEN about the system as well as their thoughts about this review of
SARS first 18 months of operation.

The Suspicious Activity Reporting System (SARS) is two years old. This first review of
the system is intended to provide a "snapshot" of SARS during the first 18
months of operation (April 1, 1996 through September 30, 1997); this review also provides
a summary of the results of SARS development and operation up to that date. It
describes:

how SARS is set up;

the data reported under SARS;

how SARS data is processed;

who uses the data;

what the data indicates so far;

how value can be added to the data; and

open issues about SARS and next steps in its development.

FinCEN manages the system for all agencies involved. However, to support its own
mission, FinCENs primary interest is in the reporting and use of information
relating to potential money laundering; therefore, this review emphasizes data relating to
that subject.

No system for the reporting of suspicious transactions can be effective unless
information flows from as well as to the government. This review is one of
the methods by which FinCEN and the Department of the Treasury are seeking to increase an
understanding of the way SARS is working and the kinds of information banks are reporting.
As indicated in the Acting Directors Statement, FinCEN encourages comments not only
on the substance of this review but also upon the way this document presents information
to its readers.

Depository institutions are required to file suspicious activity reports by the
authority of the Secretary of the Treasury under the BSA to:

require any financial institution, and any director, officer, employee, or agent of any
financial institution to report any suspicious transaction relevant to a possible
violation of law or regulation,

1

and the general supervisory authority of the five federal financial supervisory
agencies (that is, the Federal Reserve Board (FRB), Office of the Comptroller of the
Currency (OCC), Federal Deposit Insurance Corporation (FDIC), Office of Thrift Supervision
(OTS), and National Credit Union Administration (NCUA)). Each supervisory agency issued
rules under its own authority that makes SAR filings mandatory.

Two prior reporting systems were replaced by the SAR rules. The first of those earlier
systems required depository institutions to report transactions that indicated the
existence of "known or suspected violations of federal law" by filing multiple
copies of criminal referral forms; these forms were filed with their respective primary
federal financial regulator and with federal law enforcement agencies (including, in most
cases, the Federal Bureau of Investigation, the United States Secret Service, and the
Criminal Investigation Division of the Internal Revenue Service). At the same time,
depository institutions were encouraged to indicate on the Currency Transaction Report
(CTR) where particular currency transactions appeared to be "suspicious." This
was indicated by marking a box specifically included on the CTR for that purpose. (The box
on the CTR could also be used to report suspicious currency transactions in amounts less
than $10,000.)

Approximately 150,000 CTRs filed in 1995, the last
full year the previous system was in place, were marked as suspicious. There is no
accurate count of the number of criminal referral forms (CRFs) filed in that year;
estimates range from between 40,000 and 60,000 forms. A significant number of transactions
were reported on both forms (that is, by filing a CRF and a CTR marked
"suspicious"). The absence of centralized electronic files makes it impossible
to compute the precise degree of double filing.

The implementation of SARS achieved several important objectives:

to create one form, adopted by all agencies involved, that can be forwarded to a single
collection point to satisfy all applicable filing requirements;

to use a single centralized database system so that information can be simultaneously
made available to the federal financial supervisory agencies;

to provide federal and state law enforcement officials with access to this same
database, making the information available quickly;

to provide information about the types of financial crimes affecting depository
institutions nationwide and the manner in which government agencies respond to these
reports; and

to provide an ability to understand patterns of suspicious activity--or at least
activity thought by bank officials to be suspicious--so that government can alert banks to
emerging patterns of white collar crime.

On a more fundamental level, SARS reflects the philosophy that suspicious transaction
reporting is central to counter-money laundering policy, both in the United States and

abroad. Officials at financial institutions are more likely than government officials
to have a sense as to what transactions appear to lack commercial justification or
otherwise cannot be explained as falling within the usual methods of legitimate commerce.
Under those circumstances, simply relying on currency transaction reporting is neither
adequate nor cost effective for either the institutions involved or the government. The
change in emphasis moves the enforcement focus from reporting all routine currency
transactions above a certain amount to reporting information most likely to be of use to
law enforcement officials and financial regulators. SARS, then, is a key component of the
flexible and cost-efficient compliance program under the BSA required to prevent the use
of the nations financial system for illegal purposes.

The relevant rules call for the reporting of five general types of activity:

1. insider abuse of a financial institution, involving any amount, detected by the
institution;

2. federal crimes against, or involving transactions conducted through, a financial
institution that the financial institution detects and that involve at least $5,000 if a
suspect can be identified, or at least $25,000 regardless of whether a suspect can be
identified;

3. transactions of at least $5,000 that the institution knows, suspects, or has reason
to suspect involve funds from illegal activities or are attempts to hide those funds;

4. transactions of at least $5,000 that the institution knows, suspects or has reason
to suspect are designed to evade any regulations promulgated under the BSA; and

5. transactions of at least $5,000 that the institution knows, suspects, or has reason
to suspect have no business or apparent lawful purpose or are not the sort in which the
particular customer would normally be expected to engage and for which the institution
knows of no reasonable explanation after due investigation.

The standard reporting form used for SARS appears at Appendix B.

What has been reported?

The start-up for SARS was swift. A total of 109,887

3 SAR filings were submitted during the first 18 months. Figure 1 shows SAR
filings by month during this period. A relatively stable level of filingsan average
of 6,000 reports each monthwas reached after only a few months in operation. A
review of the total number of SAR filings reveals that: as many as 92.7% were initial
reports of suspicious

3

Approximately 500
filings in the database were submitted by financial institutions other than depository
institutions. Many of these institutions (broker-dealers and money services businesses)
are likely affiliated with depository institutions or bank or thrift holding companies;
the remainder have submitted SAR filings voluntarily; about 100 voluntary filings are
being segregated into a separate database.

filings (13.7%) did not complete the field that identifies the form as an
"initial,""supplemental," or "corrected" filing; most, if
not all, of those forms appeared to be initial filings.

Figure 2 shows the total number of SAR filings by state and territory. The breakdown by
state or territory may, in some cases, reflect the location of a central office that filed
the SAR form rather than the branch or office where the reported activity occurred. A
complete breakout by state and territory during the 18-month period has been provided to
the American Bankers Association.

The 109,887 SAR filings identified a total of 117,532 possible violations of law.
Approximately 9% of the reports cited more than one possible violation using the
categories in item 37 (Summary of Characterization of the Suspicious Activity) of the SAR
form. As Figure 3 indicates, 39.8% (46,738) of the total number of reported violations
were for BSA/money laundering violations; 29%various frauds; 6%various acts of
theft; 5.5% various acts of counterfeiting; and 5% check kiting offenses.

The majority of the filings listed amounts equal to $50,000 or less: 16% fell below the
$5,000 range (which is below the minimum reporting threshold), 28.5% fell in the
$5,000-$10,000 range, and 37.9% fell in the $10,000-$50,000 range. Approximately 17.6% of
the reports involved reported amounts greater than $50,000. The reports of dollar values
for the potential crimes are problematic, especially at the upper end of the scale, where
analysts have identified either obvious data entry errors or situations in which banks
have properly entered the face amount of attempted frauds (like a poorly counterfeited
security) that the bank quickly rejected.

Figure 3

Who Reports?

The reporting obligations extend generally to each national or state-chartered bank or
thrift institution, and to federally-chartered credit unions. The rules of the federal
financial supervisory agencies also require reporting by bank holding companies and by
other non-depository institutions subsidiaries of those holding companies. Currently,
there are approximately 19,000 financial institutions subject to the reporting
obligations.

The SAR rules require the reporting institution to identify its primary regulatory
agency when filing a report. During the first 18 months of the system, banks identified
their primary regulatory agencies on the form as follows:

Regulator

Number of SAR Filings*

Office of the Comptroller of the Currency

60,313

Federal Deposit Insurance Corporation

21,596

Office of Thrift Supervision

13,476

Federal Reserve Board

13,330

National Credit Union Administration

3,802

*Reporting institutions sometimes designated several agencies as a "primary
regulator" (because of the overlapping nature of bank regulation). Therefore, the
total number of SAR filings broken out by regulator exceeds the number of filings by
submitting institutions.

How are Forms Processed

?

The forms are filed either in paper form or on magnetic media (tapes or diskettes).
They are sent to the Enterprise Computing Center-Detroit (DCC) of the Internal Revenue Service (IRS)
for input into SARS. (DCC is a centralized IRS information processing facility, but it is
also responsible for processing most data reported under the BSA.)

Forms filed in paper format (approximately 70% of the total for the first 18 months of
SARS operation) are key punched; forms filed on magnetic media (approximately 30% of
the total) are transferred directly to SARS.

The average input posting time (that is, the time between the date a report is received
and the time it becomes available to those who have direct dial-in access to SARS) is
approximately 3.4 workdays for magnetic input and 9.7 workdays for paper input.

The DCC has made available the technical specifications for the magnetic filing of SAR
forms. This information can be found on the Internet at FinCENs website which is
located at http://www.treas.gov/fincen.
Depository institutions can also contact DCC at (313) 234-1422. A personal computer
software application for DOS and Windows® is also available free of charge. This program
allows banks to mail a floppy disk of completed SAR forms to DCC. Banks should check with
their primary regulator for available software applications.

The reports, other system data, and associated software are located on an Hitachi 8424
mainframe with associated Direct Access Storage Devices (DASD) at DCC. The operating
system on the Hitachi is JES/ESA version 5.1. The system supports a C2 level of
information security certification. Direct access to the system is accomplished through
dial-in access to DCC.

Who Uses the Reported Information?

One of the basic principles of SARS is that information being reported must be made
available to financial regulators and to law enforcement personnel quickly and as
reported (that is, without being delayed for additional reviewing and sorting). There
are several reasons for this approach. First, the nature of crimes covered by the
reporting requirements makes it counter-productive to segregate reports geographically. A
filing concerning a transaction involving an Illinois resident by a bank in Indiana may be
of equal interest to federal or state agents in either state (or perhaps in a third state
to which the conduct can be linked). Second, the data has multiple uses and its value can
only be maximized by permitting as many agencies as possible to evaluate the information
and its relevance to their ongoing responsibilities. Third, widespread distribution of
SARS information replicates the process of distributing information under the old criminal
referral systeminformation is simultaneously available to various regulatory and law
enforcement agencies.

Finally, it should be understood that a significant number of SAR filings are being
submitted to confirm potential violations about which law enforcement agencies have
already been directly notified by the institution involved. Approximately 22% (29,646) of
the filings during the first 18 months of the system indicate that a direct contact with
law enforcement officials occured prior to the date the report had been filed.

The following example illustrates the usefulness of SARS to investigators.

Last October, Loomis Fargo & Co. in Charlotte,North Carolina reported a theft of
$17 million from its vault. An armored-car employee, David Scott Ghantt,was reported
missing the following day and became the primary suspect.

Two days after the theft, associates of Ghantts began making large cash deposits
in several banks. A teller at one of the banks filed a SAR report after one of the
associates asked how much money could be deposited before a bank was required to file a
form with the federal government. The associate went on to state that "the bank did
not have to worry because the money was not from drugs."

When the same associate went to another bank with $200,000 in cash, the bank refused
her request for a bank check and also filed a SAR form. Meanwhile, an informant told FBI
investigators that several associates of Ghantt were making extravagant and suspicious
purchases with large amounts of currency.

As the FBI in Charlotte began looking into Ghantts associates, the SAR filings by
the Charlotte-area banks provided a crucial paper trail for investigators to follow. Jim
Walsh, Supervisory Special Agent of the FBIs white-collar crime squad for North
Carolina, states that his agents check SARS daily for new reports of suspicious activity.

In this case, SAR filings helped investigators follow the money, ultimately leading to
the arrest of seven accomplices who were charged with sharing in $13.7 million stolen by
Ghantt. In addition, investigators used SARS, along with traditional investigative
techniques, to piece together the clues which led them to discover Ghantt was in Mexico.
He was taken into custody on March 1. Ghantt and his associates who were charged with
helping him escape, now face up to 10 years in prison and a $250,000 fine.

Federal
Law Enforcement Agencies

Currently, five federal law enforcement agencies have
full access to the information in SARS. Three of the five agenciesthe Federal Bureau
of Investigation (FBI), the U.S. Secret Service (USSS), and the U. S. Customs Service
(USCS)have chosen to obtain SARS information by downloading data in bulk onto their
internal computer systems rather than obtaining access to the system itself. (Full access
to SARS has recently been approved for both the Drug Enforcement Administration and the
United States Postal Inspection Service. It is anticipated that both agencies will dial
directly into DCC in order to obtain access to the information.)

1. IRS-Criminal Investigation Division

The Criminal Investigation Division of the Internal Revenue Service (IRS-CID) accesses
SARS data through the Currency and Banking Retrieval System (CBRS). A designated IRS-CID
coordinator reviews the reports each month (or more frequently, in some cases) for
referral to particular districts and further development. Review criteria includes the
existence of multiple SAR filings, the nature of the suspected activity, the existence of
any background information, and anticipated success in prosecuting the criminal activity.

IRS indicates that reviewing SAR filings has resulted in significant benefits. Although
specific tracking has not yet been conducted on cases emanating strictly from SARS, IRS
estimates that 954 cases have been opened over the past three years from BSA reporting
programs and Form 8300 reporting (Reports of Cash Payments Over $10,000 Received in a
Trade or Business). IRS states that using the SAR filings has already contributed
significantly to counter-narcotics investigations. In New Jersey, for example, 16
seizuresproducing almost $2 million in forfeituresare attributed to
information from SARS. In addition, referrals for tax crime evasion investigations are a
collateral benefit produced by IRS regular review of SAR filings for BSA violations.

2. U.S. Customs Service (USCS)

The SAR forms are downloaded from the IRS Enterprise Computing Center-Detroit (DCC) to the
Treasury Enforcement Communications System (TECS) maintained at Newington, Virginia; they
are accessible through TECS to all USCS field offices. Field offices also receive a
printout of the reports applicable to their particular area for further review. USCS has
indicated that a wide variety of suspected money laundering investigations have either
been initiated or bolstered by SARS information. USCS is exploring ways to set up a
tracking system for cases resulting from SARS information.

3. U.S. Secret Service (USSS)

The USSS downloads the forms from DCC to its Headquarters in Washington, D.C. The SAR
forms are then immediately loaded onto the Secret Services Intranet, where the
information can be searched and compared against other USSS reports and databases by all
of the USSSs field offices. A followup official message is also sent to the
respective field offices which serves as both a review and summary of the most recent SAR
filings in the region.

4. Federal Bureau of Investigation (FBI)

The FBI downloads systems data from DCC into a subset of the FBIs Automated Case
Management System. Each field office then has direct access to SAR reports relating to its
particular jurisdiction or geographical area.

5. U.S. Department of Justice

Each U.S. Attorneys Office can access SARS directly by dialing via modem to DCC.
Designated coordinators within each office review the SAR reports.

6. Financial Crimes Enforcement Network (FinCEN)

FinCENs analysts have complete access to SARS. The system is routinely queried as
part of FinCENs case research; analysts also use the information for general
analytical projects and analyses of the system data as described below.

7. Local Task Forces

Federal law enforcement officials in various jurisdictions have formed working groups
to evaluate SAR filings relating to their localities. An especially promising effort is
underway in New Jersey under the auspices of the U. S. Attorneys Office; other efforts are
underway in San Diego, California and South Florida. As discussed in chapter four, FinCEN
plans to increase its efforts to support these task forces.

State Law Enforcement Agencies

Fifty-two state and territorial law enforcement agencies
participate in FinCENs Gateway Program. This program enables state and local law
enforcement agencies to have direct, on-line access to records filed by banks and others
under the BSA. Using software designed by FinCEN, Gateway saves investigative time and
money. User agencies can conduct their own research directly. Gateway users can also
retrieve SAR filings submitted by institutions within their state. (A list of these law
enforcement agencies with direct access to SARS appears inAppendix C.)

Supervisory Agencies Federal Financial

The Federal Reserve Board and the 12 Federal Reserve
Banks, the Office of the Comptroller of the Currency, and Federal Deposit Insurance
Corporation, the Office of Thrift Supervision, and the National Credit Union
Administration each have access to SARS at offices throughout the U.S.

Supervisory Agencies

SARS is available to each states financial
supervisory agency with respect to reports filed by institutions subject to that
agencys jurisdiction. (A list of state supervisory agencies with access to SARS
appears in Appendix D.)

The first 18 months of SAR filings identifying suspected money laundering and
violations of the Bank Secrecy Act (BSA) are valuable in several respects. First, the
filings can be used by law enforcement agencies to open or support investigations. Second,
the filings have identified the types of transactions on which banks are focusing their
anti-money laundering efforts. Finally, FinCEN analysts are reviewing the data and
developing ideas for changes that must be made to maximize the utilization of the
information being reported.

Nature of Transactions Being Reported

As indicated previously, 46,738 reports citing possible violations of the BSA, possible
money laundering or both were filed during SARS first 18 months. This was the
largest single category of reports filed. FinCEN analysts have reviewed a majority of
those reports as well as the other reports filed during the same period. The results of
this review are described below.

The majority of filings citing BSA or money laundering violations relate to the
deposits or withdrawals (or attempted deposits or withdrawals) of currency. It is not
surprising that a primary emphasis of banks during SARS first 18 months was on more
detailed reporting of such transactionstransactions that were previously noted as
"suspicious" simply by a check in the appropriate box on the Currency
Transaction Report or transactions that might not have been reported at all if a customer
simply withdrew from or reduced the amount of cash involved in the transaction. The
additional information now being provided on the SAR forms provides the ability to draw
some conclusions about this category of transactions.

Thus, approximately 39,000 reports have been identified through the use of the system
which include the terms "currency," "cash," or "deposit" in
their narrative sections; approximately 21,000 filings (many but not all of which involved
currency) dealt with situations in which customers sought to change the amounts of cash or
monetary instruments involved once they were informed that the transactions required
special recordkeeping or reporting. The narrative sections of these particular SAR forms
indicate that most of the transactions involved teller-customer contact.

Based on the review of SAR filings in this category, FinCEN believes that approximately
50% of the 46,738 reported BSA/money laundering violations represent, for the most part,
simple and unrepeated attempts to avoid the BSA reporting requirements, which are probably
not linked to serious ongoing enterprise criminality. This number includes about 19,000
"deposit-withdrawal" cases.

This conclusion does not mean that the switch to SARS is without benefit, even in such
cases. First, the number of transactions reported is far lower in this category than the
number of times a bank checked the suspicious activity box on the CTR. Bankers are paying
closer attention to the facts when determining whether or not activity is suspicious.
Moreover, the addition of a detailed narrative makes the data more valuable than it was
when banks could only check a box on the CTR. This value is illustrated by the fact that
it is now possible to summarize the sorts of conduct involved in the reports. In addition,
SAR filings in this group can become extremely valuable for certain investigations. This
fact has been confirmed in a number of situations involving tax evasion.

The other 50% of the 46,738 reported BSA/money laundering violations fall into three
groups.

1. There are a large number of cases that have been detected and explained by the
filing institutions which might be called "sloppy money laundering" 
repeated attempts and relatively unsophisticated schemes to structure deposits or to use
several persons to move currency into the same account.

2. Analysts have identified approximately 4,200 reports that involve the ongoing
movement of funds in an organized way through particular accounts. For example, a number
of reports appear to be linked to subjects under investigation in connection with the use
of Black Market Peso Exchange transactions (for more information on this money laundering
scheme, refer to Appendix E: FinCEN Advisory Issue 9 Colombian Black Market Peso
Exchange).

3. Approximately 4,000 reports focus on bank activity other than currency deposits and
withdrawalsmost importantly, suspicious funds transfer (wire transfer) transactions.
In fact, a significant number of reports marked as "wire fraud" probably involve
money laundering. FinCEN analysts believe that this last group of reports is likely to
provide the most promising area for case development. As indicated in Chapter Four, FinCEN
plans to focus resources on further analyzing this information.

Correlation to other Reported Matters

FinCEN analysts correlated the SAR filings in the following ways:

SAR filings and Other BSA Forms

There is a significant degree of overlap between the
reported BSA/money laundering violations and other BSA filings, such as currency
transaction reports.Approximately 14,285 persons named as suspects on SAR filings (32% of
the total number of persons named as suspects) were also identified on other BSA filings,
involving approximately 30,000 separate bank accounts. While some overlap is expected (a
SAR report and a CTR must be filed on suspicious currency transactions in excess of
$10,000), FinCEN analysts believe that at least 50% of these instances involve CTR filings
for transactions other than those to which the SAR filing relates. Such overlap can
provide a significant source of additional information for particular investigations and
create opportunities for further proactive analysis.

SAR Filings and FinCENs Investigative
Support

As part of its support to law enforcement investigations,
FinCEN analysts use a variety of data sources, including BSA filings, to link together
various elements of a crime, essentially helping investigators find the missing pieces of
the criminal puzzle. The BSA data, for instance, can link people together when it is shown
they are using the same bank accounts. FinCEN assists about 150 law enforcement and
regulatory agencies in this way, supporting about 6,800 cases each year. Once FinCEN
provides information to law enforcement, the suspects names and other information
are recorded in the FinCEN database, a repository of information is itself usefulfor
future research and analysis.

Suspicious activity reports can add significantly to FinCENs investigative
support resources. In preparing this review, FinCEN analysts searched FinCENs case
support records and found that SAR filings related to 391 FinCEN cases. In half the cases,
the case file had been opened before the SAR form was submitted (that is, a suspect named
in a SAR filing was already the subject of an enforcement or regulatory inquiry); the
remaining cases were probably results of SAR filings which led investigators to request
additional information from FinCEN.

The range of cases in which SAR filings matched other FinCEN case files was broad. The
cases included:

168 money laundering investigations;

101 fraud investigations;

26 investigations involving financial institutions or their insiders;

23 embezzlement or theft investigations; and

19 narcotics trafficking investigations.

In slightly more than half the cases, FinCEN received a request to provide a more
in-depth analysis of the person(s) named in the report following the filing of the initial
suspicious activity reporta fact that illustrates that law enforcement sees the
potential for information exchange between FinCENs other data sources and SARS.

Examples of Reported Transactions

Examples of transactions or sequences of transactions reported during the first 18
months of SARS are described below. The examples are, of course, only illustrative. A
report is only an indication of potential wrongdoing, and there are times when even the
most convoluted transactions have nothing to do with money laundering. Still, it is useful
for law enforcement officials, regulators, and bankers to have a sense of the types of
transactions that bankers perceive as possibly involving money laundering or BSA
violations:

Structuring

Ninety-four currency deposits, mostly in amounts slightly
under the currency transaction reporting threshold ($10,000) and totaling $637,000 were
made over a two-year period by a customer who identified herself as a
"housewife."

A deposit was made in $100 bills (just under the reporting threshold) by a customer
whom the teller noted was filling out another de-posit slip for an account at the same
bank; later the same day, when told of the CTR requirement, the customer canceled a
transaction involving a deposit of the same amount, again in $100 bills, at a second
branch of the same bank.

A deposit of less than $10,000 in currency matched a second deposit of currency of less
than $10,000 by the same person, made at an ATM machine or night depository of the same
bank after the close of business on the same banking day.

Deposits totaling more than $10,000 in currency were made in less than one hour at
different branches of the same bank, by three individuals, none of whom was the account
holder.

Transactions Involving Monetary Instruments

A deposit of $500,000 was made in sequentially numbered
travelers checks.

A deposit of approximately $300,000 in travelers checks containing illegible
payees and endorsers signatures was received from a foreign bank.

A deposit of four blank $500 postal money orders in consecutive numbers and $1,780 (in
$10 dollar bills) was made into an account from which the customer immediately used the
total deposited to buy a bank check.

A purchase of two cashiers checks for $9,000 was made using currency. The
transactions were conducted by a husband and wife on consecutive days. The checks were
made payable to the same payee.

A purchase of bank checks for amounts between $4,000 and $9,000 was made by a customer
on three consecutive days using currency.

Unusual Account Activity

Large amounts of currency were deposited into an account,
followed soon after by the presentment to the account for payment of several checks whose
payeees were foreign nationals and businesses. The account holder had no known business
relationship with other countries.

Large sums of currency were made at different branches. These deposits were followed by
funds transfers to a single payee in a country or countries - either in the same region or
through out the world - to which the customer had no known connection.

5

Transactions Involving Food Stamps

6

A customer deposited "boxes of food stamps" in
amounts inconsis-tent with the size of his discount grocery business.

Fifty deposits of food stamps were made by a bank customer; the amount of each deposit
was just under $10,000. Recurrent deposits valued between $1,000 and $4,000 in foods
stamps (some sequentially numbered) were made by a customer with no prior history as a
food stamp redeemer.

Approximately $3,500 in $1 food stamps was deposited into a grocery store account by an
unknown individual.

A large volume of food stamps was deposited by a convenience store owner after the
business closed for renovation. The stores account history shows food stamp
depositsclose to $2 million in an 18-month periodto be unusually high.

Transactions Involving Funds Transfers

Multiple transfers of funds were made to a bank from
several accounts at other banks. These transfers were followed by an order to wire the
balance of the funds into an offshore account.

During a two-week period, three transactions involved the deposits

5

The checks were payable to companies located in
Panama, El Salvador, Mexico, Germany, Singapore and India.

6

Over 200,000 stores are
authorized to redeem food stamps. Typical fraudulent food stamp transactions involve
exchanging food stamp coupons for cash or contraband such as illegal narcotics or weapons.
The coupons are usually sold for 50% to 70% of face value and may be sold to
intermediaries or corrupt food merchants. Food merchants are authorized only to take the
stamps in exchange for purchases of food. The Inspector General, Department of Agriculture
has reported that "it is not uncommon for food stamp traffickers to be part of other
criminal enterprises, such as theft, or fencing rings, or drug trafficking
operations."

of just under $10,000 in currency into an account; these
deposits were followed by an order to transfer the account balance to the same transferee.

During a four-month period, large wire transfers (arriving at a rate that occasionally
reached more than one inbound transfer a day) were received for the account of a customer
who structured cash withdrawals as soon as the funds were received.

Deposits of currency into a customers account were followed immediately by a
combination of funds transfers, purchases of cashiers checks, and structured cash
withdrawals by the customer.

Multiple structured cash deposits were made through several branches of the same bank.
These deposits were followed by weekly funds transfers of the account balances out of the
U.S. Regular deposits between $1,000 and $9,500 in currency were made into accounts from
which the balances were immediately withdrawn. The withdrawals were accomplished by funds
transfers or by payment of large checks. These transactions were presented by a customer
who had the same address as three other customers reported for suspicious activity by the
same bank.

Transactions

Involving Loan Repayments

An accelerated payment of four car loans was made with
currency primarily consisting of $20 bills.

A payment of an outstanding loan balance was made with $20,000 in currency.

The effectiveness of SARS depends upon continuing improvements and taking the steps
necessary to maximize its usefulness. Towards this goal, FinCENs plans include the
following:

Improved Analysis

The foundation of SARS has been the distribution of raw
data to all agencies with a potential interest to maximize the usefulness of the reported
information. However, given the volume and variety of reports involving potential BSA
violations, instances of possible money laundering, or both, additional steps must be
taken to ensure that relevant information is identified and used.

Therefore, FinCEN is dedicating an analytical team (reporting di-rectly to senior
management) to work with SARS information. The team will have three primary functions. It
will:

Track the number and characteristics of SAR filings as they are

submitted, to supplement the work done by the primary users of SARS.

Match all incoming SAR filings with other FinCEN information to produce background
materials relating to specific filings that can be forwarded to appropriate law
enforcement officials and regulatory agencies.

Analyze SAR filings which may be of special interest even when the necessary
information is not immediately available from other FinCEN data sources. Doing so will
ensure that significant trends or transactions will not go unnoticed simply because they
are new. It is anticipated that FinCEN will work closely with and enter into "joint
ventures" with law enforcement task forces throughout the U.S.--for example, the SAR
task force in New Jersey. This type of activity should provide sources of field
information to bring important SAR filings into focus and to assure an interested audience
for the resulting analyses.

The results of the work performed by this special analytical group should be reflected
in next years review of the progress of SARS.

Improved Case Tracking

There is a natural hesitancy for organizations to track
the relationship between the volume of reported information and the opening of particular
cases. Indeed, any effort to measure the effectiveness of SARS based solely on that
correlation would be misguided; the information developed from reporting suspicious
activities can provide a context for particular prosecutions or investigations without
becoming directly a part of the evidence chain in those investigations.

At the same time, institutions which focus effort and incur the cost of filing reports
must be provided with feedback that their work is generating a meaningful government
responsethat the information they provide is important and is being used. FinCEN
will work with the law enforcement agencies that use SARS to meet this need. In addition,
FinCEN has asked law enforcement users to suggest how the system can capture information
provided by user agencies about cases being developed based on SAR filings.

Improved Reporting

One reason that expanded analysis is critical is the
pattern of the transactions now being reported. There is every reason to believe that the
majority of U.S. banks are now paying careful attention to anomalies at the tellers
window (or perhaps the ATM machine) and reporting them in detail. However, it is necessary
to develop and apply the principles of suspicious activity reporting to other parts of
banking operations.

An initial emphasis on the reporting of the familiar is to be expected, and indeed is
one of the reasons that the placement of large sums of currency through the nations
banks has declined so significantly. However, the money laundering process is extremely
complex and is by no means limited to currency transactions or initial entry of funds into
the financial system.

A crucial task of expanded and intensified analysis of particular the shift in focus --
or rather the expanded focus -- that suspicious activity reporting ultimately must attain.
Although the language of the reporting rules themselves provide the ultimate limit of a
banks reporting obligation, banks can reasonably be expected to ask for guidance
about the manner in which they should direct their own compliance resources to ensure a
reasonable ratio of benefit to cost. FinCEN must focus efforts on providing guidance to
assist in the development of the reporting regime, both by informing the banking community
of specific schemes about which government is concerned and by illustrating the
application of the general rules for reporting to particular parts of a banks
overall operations.

Conclusion

SARS has made a strong and effective beginning. A nationwide system is now in place for
the filing and distribution of suspicious activity reports. Equally, if not more
importantly, the banking community has made strong efforts to support SARS.

The process of building the system, however, is far from over. The systems
effectiveness depends upon continued attention to the steps necessary to bring it to
maturity. Improving analysis of information, tracking resulting cases, refining
expectations about the scope of reporting, and providing feedback to financial
institutions are all part of the growth process. These steps can only occur if all the
government agencies and private institutions involved work together to identify and solve
problems in the systems operation.

We hope that the first review of SARS will contribute to, and stimulate its growth and
improvement. As we have indicated in the opening statement, we welcome comments on SARS
and its future direction.

UNITED STATES CODE
TITLE 31 MONEY AND FINANCE
CHAPTER 53-MONETARY TRANSACTIONS
SUBCHAPTER II-RECORDS AND REPORTS ON MONETARY INSTRUMENTS TRANSACTIONS

A complete text of 31 U.S.C. 5318(g);

(g) Reporting of Suspicious Transactions.

(1) In general. - The Secretary may require any financial institution, and any
director, officer, employee, or agent of any financial institution, to report any
suspicious transaction relevant to a possible violation of law or regulation.

(2) Notification prohibited. - A financial institution, and a director, officer,
employee, or agent of any financial institution, who voluntarily reports a suspicious
transaction, or that reports a suspicious transaction pursuant to this section or any
other authority, may not notify any person involved in the transaction that the
transaction has been reported.

(3) Liability for disclosures. - Any financial institution that makes a disclosure of
any possible violation of law or regulation or a disclosure pursuant to this subsection or
any other authority, and any director, officer, employee, or agent of such institution,
shall not be liable to any person under any law or regulation of the United States or any
constitution, law, or regulation of any State or political subdivision thereof, for such
disclosure or for any failure to notify the person involved in the transaction or any
other person of such disclosure.

(4) Single designee for reporting suspicious transactions

(A) In general. - In requiring reports under paragraph (1) of suspicious transactions,
the Secretary of the Treasury shall designate, to the extent practicable and appropriate,
a single officer or agency of the United States to whom such reports shall be made.

(B) Duty of designee. - The officer or agency of the United States designated by the
Secretary of the Treasury pursuant to subparagraph (A) shall refer any report of a
suspicious transaction to any appropriate law enforcement or supervisory agency.

(C) Coordination with other reporting requirements. - Subparagraph (A) shall not be
construed as precluding any supervisory agency for any financial institution from
requiring the financial institution to submit any information or report to the agency or
another agency pursuant to any other applicable provision of law.

CODE OF FEDERAL REGULATIONS
TITLE 31-MONEY AND FINANCE: TREASURY
PART 103-FINANCIAL RECORDKEEPING AND REPORTING OF CURRENCY AND FOREIGN TRANSACTIONS
A complete text of 31 C.F.R. 103.21

Sec. 103.21 Reports by banks of suspicious transactions.

(a) General. (1) Every bank shall file with the Treasury Department, to the extent and
in the manner required by this section, a report of any suspicious transaction relevant to
a possible violation of law or regulation. A bank may also file with the Treasury
Department by using the Suspicious Activity Report specified in paragraph (b)(1) of this
section or otherwise, a report of any suspicious transaction that it believes is relevant
to the possible violation of any law or regulation but whose reporting is not required by
this section.

(2) A transaction requires reporting under the terms of this section if it is conducted
or attempted by, at, or through the bank, it involves or aggregates at least $5,000 in
funds or other assets, and the bank knows, suspects, or has reason to suspect that:

(i) The transaction involves funds derived from illegal activities or is intended or
conducted in order to hide or disguise funds or assets derived from illegal activities
(including, without limitation, the ownership, nature, source, location, or control of
such funds or assets) as part of a plan to violate or evade any federal law or regulation
or to avoid any transaction reporting requirement under federal law or regulation;

(ii) The transaction is designed to evade any requirements of this part or of any other
regulations promulgated under the Bank Secrecy Act, Pub. L. 91-508, as amended, codified
at 12 U.S.C. 1829b, 12 U.S.C. 1951-1959, and 31 U.S.C. 5311-5330; or

(iii) The transaction has no business or apparent lawful purpose or is not the sort in
which the particular customer would normally be expected to engage, and the bank knows of
no reasonable explanation for the transaction after examining the available facts,
including the background and possible purpose of the transaction.

(b) Filing procedures--(1) What to file. A suspicious transaction shall be reported by
completing a Suspicious Activity Report (``SAR''), and collecting and maintaining
supporting documentation as required by paragraph (d) of this section.

(2) Where to file. The SAR shall be filed with FinCEN in a central location, to be
determined by FinCEN, as indicated in the instructions to the SAR.

(3) When to file. A bank is required to file a SAR no later than 30 calendar days after
the date of initial detection by the bank of facts that may constitute a basis for filing
a SAR. If no suspect was identified on the date of the detection of the incident requiring
the filing, a bank may delay filing a SAR for an additional 30 calendar days to identify a
suspect. In no case shall reporting be delayed more than 60 calendar days after the date
of initial detection of a reportable transaction. In situations involving violations that
require immediate attention, such as, for example, ongoing money laundering schemes, the
bank shall immediately notify, by telephone, an appropriate law enforcement authority in
addition to filing timely a SAR.

(c) Exceptions. A bank is not required to file a SAR for a robbery or burglary
committed or attempted that is reported to appropriate law enforcement authorities, or for
lost, missing, counterfeit, or stolen securities with respect to which the bank files a
report pursuant to the reporting requirements of 17 CFR 240.17f-1.

(d) Retention of records. A bank shall maintain a copy of any SAR filed and the
original or business record equivalent of any supporting documentation for a period of
five years from the date of filing the SAR. Supporting documentation shall be identified,
and maintained by the bank as such, and shall be deemed to have been filed with the SAR. A
bank shall make all supporting documentation available to FinCEN and any appropriate law
enforcement agencies or bank supervisory agencies upon request.

(e) Confidentiality of reports; limitation of liability. No bank or other financial
institution, and no director, officer, employee, or agent of any bank or other financial
institution, who reports a suspicious transaction under this part, may notify any person
involved in the transaction that the transaction has been reported. Thus, any person
subpoenaed or otherwise requested to disclose a SAR or the information contained in a SAR,
except where such disclosure is requested by FinCEN or an appropriate law enforcement or
bank supervisory agency, shall decline to produce the SAR or to provide any information
that would disclose that a SAR has been prepared or filed, citing this paragraph (e) and
31 U.S.C. 5318(g)(2), and shall notify FinCEN of any such request and its response
thereto. A bank, and any director, officer, employee, or agent of such bank, that makes a
report pursuant to this section (whether such report is required by this section or is
made voluntarily) shall be protected from liability for any disclosure contained in, or
for failure to disclose the fact of such report, or both, to the full extent provided by
31 U.S.C. 5318(g)(3).

(f) Compliance. Compliance with this section shall be audited by the Department of the
Treasury, through FinCEN or its delegees under the terms of the Bank Secrecy Act. Failure
to satisfy the requirements of this section may be a violation of the reporting rules of
the Bank Secrecy Act and of this part. Such failure may also violate provisions of Title
12 of the Code of Federal Regulations.[61 FR 4331, Feb. 5, 1996, as amended at 61 FR
14249, Apr. 1, 1996; 61 FR 18250, Apr. 25, 1996]

A list of state and territorial law
enforcement agencies with access to SARS

State & Territorial Law Enforcement Agencies with Access to SARS

Alabama Department of Public Safety
Alaska State Troopers
Arizona Department of Public Safety
Arkansas State Police
California Department of Justice
Colorado Bureau of Investigation
Connecticut Chief State Attorneys Office
Delaware State Police
District of Columbia Metro Police
Florida Department of Law Enforcement
Georgia Bureau of Investigation
Hawaii Department of Attorney General
Idaho Department of Law Enforcement
Illinois State Police
Indiana State Police
Iowa Department of Public Safety
Kansas Bureau of Investigation
Kentucky State Police
Louisiana State Police
Maine State Police
Maryland State Police
Massachusetts State Police
Michigan State Police
Minnesota Bureau of Criminal Apprehension
Mississippi Bureau of Narcotics
Missouri State Highway Patrol
Montana Department of Justice
Nebraska State Patrol
Nevada Division of Investigation
New Hampshire State Police
New Jersey Division of Criminal Justice
New Mexico Department of Public Safety
New York State Department of Law/New York State Police
North Carolina State Bureau of Investigation
North Dakota Attorney Generals Office - BCI
Ohio Attorney Generals Office
Oklahoma State Bureau of Investigation
Oregon State Police
Pennsylvania Attorney Generals Office
Department of Justice of Puerto Rico
Rhode Island State Police
South Carolina Law Enforcement Division
South Dakota Division of Criminal Investigation
Tennessee Bureau of Investigation
Texas Office of the Attorney General
Utah Department of Public Safety
Vermont State Police
Virginia State Police
Washington State Patrol
West Virginia State Police
Wisconsin Department of Justice
Wyoming Division of Criminal Investigation